Claims 

Please cancel claims 1-85 without prejudice. 
1-85. (Cancelled) 

Please add the following new claims: 

86. (New) A method for protecting data in an apparatus having an open system 
architecture comprising: 

receiving encrypted data in the apparatus; 

generating raw data in a closed subsystem of the apparatus by decrypting the 
encrypted data and optionally performing additional processing on the encrypted data; 
preventing access to the raw data outside of the closed subsystem; 
generating protected data in the closed subsystem by re-encrypting the raw data; 

and 

asserting the protected data from the closed subsystem to an external device or 

system. 

87. (New) The method of claim 86, wherein the encrypted data is encrypted using a 
first encryption protocol and the protected data is generated using a second encryption 
protocol. 

88. (New) The method of claim 86, wherein generating raw data includes: 
decrypting the encrypted data to generate decrypted data; and 
decompressing the decrypted data to generate the raw data. 

89. (New) The method of claim 86, wherein the apparatus is an entertainment device. 
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90. (New) The method of claim 86, wherein the encrypted data comprises digital 
video data. 



9 1 . (New) The method of claim 90, wherein receiving encrypted data includes 
reading the digital video data from a disk. 

92. (New) The method of claim 90, wherein the digital video data comprises 
high-definition digital video data, and wherein re-encrypting the raw data includes 
re-encrypting the raw data in accordance with the HDCP (High-bandwidth Digital Data 
Protection) protocol. 

93. (New) The method of claim 86, wherein re-encrypting the raw data includes the 
use of key data, and further comprising preventing the key data from being disclosed 
outside of the closed subsystem except to the external device or system. 

94. (New) The method of claim 86, wherein the encrypted data is received from a 
source external to the apparatus. 

95. (New) The method of claim 94, wherein the source external to the apparatus is 
the Internet. 

96. (New) The method of claim 86, further comprising generating additional data and 
asserting the additional data to the closed system. 

97. (New) The method of claim 96, further comprising asserting the additional data 
from the closed system to the external device or system without encryption. 
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98. (New) The method of claim 86, wherein the external device or system comprises 
a display device. 

99. (New) An apparatus comprising: 
an open system architecture; 

a closed subsystem within the open system architecture, the closed subsystem 
configured to receive encrypted data, decrypt the encrypted data to generate raw data, and 
re-encrypt the raw data to generate protected data, the closed system preventing access to 
the raw data outside of the closed subsystem; and 

an output, the closed subsystem to assert the protected data to an external device 
or system via the output. 

1 00. (New) The apparatus of claim 99, wherein the protected data comprises 
encrypted high-definition digital video data. 

101. (New) The apparatus of claim 99, further comprising a second subsystem 
configured to generate additional data and to assert the additional data to the closed 
subsystem. 

102. (New) The apparatus of claim 101, wherein the additional data comprises 
audiovisual data. 

103. (New) The apparatus of claim 101, wherein the additional data comprises menu 
information. 
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104. (New) The apparatus of claim 101, wherein the closed subsystem is operable in a 
first mode to assert the protected data to the output and in a second to assert the 
additional data to the output. 

105. (New) The apparatus of claim 99, wherein the closed subsystem is operable to 
re-encrypt the raw data using key data. 

106. (New) The apparatus of claim 105, wherein the closed subsystem is operable to 
prevent release of the key data outside of the closed subsystem except to the external 
device or system. 

1 07. (New) The apparatus of claim 99, wherein the output includes one or more 
HDMI (Definition Multimedia Interface) compatible links from the apparatus to the 
external device or system. 

108. (New) The apparatus of claim 99, wherein the closed subsystem comprises an 
HD-DVD drive configured to decrypt high-definition digital video read from a disk to 
generate decrypted data, to perform decompression on the decrypted data to generate raw 
data, and to generate the protected data by re-encrypting the raw data. 

1 09. (New) The apparatus of claim 99, wherein the closed subsystem is configured to 
re-encrypt the raw data in accordance with the HDCP (High-bandwidth Digital Data 
Protection) protocol. 

1 10. (New) The apparatus of claim 99, wherein the apparatus is configured to 
communicate bidirectionally with the external device or system to execute an 
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authentication protocol the prior to assertion of the re-encrypted data to the external 
device or system. 

111. (New) The apparatus of claim 110, wherein the apparatus executing the 
authentication protocol includes verifying that the external device or system is authorized 
to receive the protected data and to establish shared secret values for use in encryption 
and decryption of data. 

1 12. (New) The apparatus of claim 99, wherein the apparatus is an entertainment 
device. 

113. (New) An apparatus comprising: 

an open system architecture configured to allow end users to add or remove 
hardware components, software modules, or both; 

a closed subsystem that does not provide a users a way to add hardware or 
software thereto or remove hardware or software therefrom, the closed system being 
included in the open system architecture, wherein: 

the closed subsystem is configured to receive data encrypted according to 

a first encryption protocol, decrypt the encrypted data to generate raw data, and 

re-encrypt the raw data using a second encryption protocol to generate protected 

data, and 

the closed system is configured to prevent access to the raw data outside 
of the closed subsystem; and 

an output, the closed subsystem to assert the protected data to an external device 
or system via the output. 
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114. (New) The apparatus of claim 1 13, wherein the protected data comprises 
encrypted high-definition digital video data. 

114. (New) The apparatus of claim 113, further comprising a second subsystem 
configured to generate additional data and to assert the additional data to the closed 
subsystem. 

115. (New) The apparatus of claim 101, wherein the closed subsystem is operable to: 
assert the protected data with encryption to the output; and 

to assert the additional data without encryption to the output. 

116. (New) The apparatus of claim 101, wherein the closed subsystem is to re-encrypt 
the raw data using key data, and is to prevent release of the key data outside of the closed 
subsystem except to the external device or system. 

1 1 7. (New) The apparatus of claim 101, wherein the apparatus is configured to 
communicate bidirectionally with the external device or system to execute an 
authentication protocol the prior to assertion of the re-encrypted data to the external 
device or system. 

1 1 8. (New) The apparatus of claim 1 1 7, wherein the apparatus executing the 
authentication protocol includes verifying that the external device or system is authorized 
to receive the protected data and to establish shared secret values for use in encryption 
and decryption of data. 

119. (New) A system comprising: 
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a first apparatus with an open system architecture, the first apparatus including a 
closed subsystem within the open system architecture, the closed subsystem configured to 
receive encrypted content, decrypt the encrypted content to generate raw content, 
re-encrypt the raw content to generate protected content, and transmit the protected data 
via an output, the closed system preventing access to the raw content outside of the 
closed subsystem; and 

a second apparatus including an input to receive the protected content and 
decryption circuitry to generate raw content by decrypting the encrypted video data. 

120. (New) The system of claim 119, wherein the protected content comprises 
encrypted high-definition digital video data. 

121. (New) The system of claim 120, wherein the second apparatus includes a digital 
video monitor. 

122. (New) The system of claim 119, wherein the closed subsystem is configured to 
receive the encrypted content from a remote source. 

123. (New) The system of claim 119, wherein the closed subsystem is further to 
perform decompression on the decrypted data in the generation of the raw content. 
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